Minimum PIN length

Minimum PIN length configures the minimum number of characters required for the work PIN. The lowest number you can configure for this policy setting is 4. The largest number you can configure must be less than the number configured in the Maximum PIN length policy setting or the number 127, whichever is lower. If you configure this policy setting, the work PIN length must be greater than or equal to this number. If you disable or do not configure this policy setting, the work PIN length must be greater than or equal to 4. NOTE: If the conditions specified above for the minimum PIN length are not met, default values will be used for both the maximum and minimum PIN lengths.

Maximum PIN length

Maximum PIN length configures the maximum number of characters allowed for the work PIN. The largest number you can configure for this policy setting is 127. The lowest number you can configure must be larger than the number configured in the Minimum PIN length policy setting or the number 4, whichever is greater. If you configure this policy setting, the work PIN length must be less than or equal to this number. If you disable or do not configure this policy setting, the work PIN length must be less than or equal to 127. NOTE: If the conditions specified above for the maximum PIN length are not met, default values will be used for both the maximum and minimum PIN lengths.

Use uppercase letters

Use this policy setting to configure the use of uppercase letters in the Microsoft Passport for Work PIN. If you configure this policy setting to “Allow”, Microsoft Passport for Work allows users to use uppercase letters in their work PIN. If you configure this policy setting to “Disallow”, Microsoft Passport for Work prevents users from using uppercase letters in their work PIN. If you configure this policy setting to “Required”, Microsoft Passport for Work requires users to include at least one uppercase letter in their work PIN. If you disable or do not configure this policy setting, Microsoft Passport for Work allows users to use uppercase letters in their work PIN.

Use lowercase letters

Use this policy setting to configure the use of lowercase letters in the Microsoft Passport for Work PIN. If you configure this policy setting to “Allow”, Microsoft Passport for Work allows users to use lowercase letters in their work PIN. If you configure this policy setting to “Disallow”, Microsoft Passport for Work prevents users from using lowercase letters in their work PIN. If you configure this policy setting to “Required”, Microsoft Passport for Work requires users to include at least one lowercase letter in their work PIN. If you disable or do not configure this policy setting, Microsoft Passport for Work allows users to use lowercase letters in their work PIN.

Use special characters

Use this policy setting to configure the use of special characters in the Microsoft Passport for Work PIN gesture. Valid special characters for Microsoft Passport for Work PIN gestures include: ! " # $ % & ' ( ) * + - . / : ; < = > ? @ [ \ ]

Use digits

Use this policy setting to configure the use of digits in the Microsoft Passport for Work PIN. If you configure this policy setting to “Allow”, Microsoft Passport for Work allows users to use digits in their work PIN. If you configure this policy setting to “Disallow”, Microsoft Passport for Work prevents users from using digits in their work PIN. If you configure this policy setting to “Required”, Microsoft Passport for Work requires users to include at least one digit in their work PIN. If you disable or do not configure this policy setting, Microsoft Passport for Work allows users to use digits in their work PIN.
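The length and character-class rules above can be modelled to audit a planned configuration before deployment, in particular the case where an inconsistent minimum/maximum pair silently reverts both settings to their defaults. This is an added example, not Microsoft's code; the function names are hypothetical, and it assumes the fallback defaults are the 4 and 127 bounds the page gives for the not-configured case. Special characters are not evaluated because the page gives no modes for them.

```python
import string

# Assumption: the "default values" are the page's not-configured bounds.
DEFAULT_MIN, DEFAULT_MAX = 4, 127

CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "digits": string.digits,
}


def effective_lengths(min_len=None, max_len=None):
    """Resolve configured lengths (None = not configured) to the bounds in force."""
    lo = DEFAULT_MIN if min_len is None else min_len
    hi = DEFAULT_MAX if max_len is None else max_len
    # Page's conditions: minimum >= 4, maximum <= 127, minimum < maximum.
    if DEFAULT_MIN <= lo < hi <= DEFAULT_MAX:
        return lo, hi
    # Conditions not met: defaults are used for BOTH settings.
    return DEFAULT_MIN, DEFAULT_MAX


def check_pin(pin, min_len=None, max_len=None, **modes):
    """Return the list of rule violations for `pin` (empty list = accepted).

    modes maps a class name to "Allow", "Disallow" or "Required";
    a class that is not configured behaves as "Allow".
    """
    lo, hi = effective_lengths(min_len, max_len)
    problems = []
    if len(pin) < lo:
        problems.append(f"shorter than {lo}")
    if len(pin) > hi:
        problems.append(f"longer than {hi}")
    for name, alphabet in CLASSES.items():
        mode = modes.get(name, "Allow")
        present = any(ch in alphabet for ch in pin)
        if mode == "Disallow" and present:
            problems.append(f"{name} not permitted")
        elif mode == "Required" and not present:
            problems.append(f"{name} required")
    return problems


if __name__ == "__main__":
    # Constructed audit case: minimum 12 with maximum 8 is inconsistent,
    # so a 6-character PIN is accepted on length.
    print(effective_lengths(12, 8))
    print(check_pin("123456", 12, 8, uppercase="Required"))
```
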

Start Layout

Specifies the Start layout for users. This setting lets you specify the Start layout for users and prevents them from changing its configuration. The Start layout you specify must be stored in an XML file that was generated by the Export-StartLayout PowerShell cmdlet. To use this setting, you must first manually configure a device’s Start layout to the desired look and feel. Once you are done, run the Export-StartLayout PowerShell cmdlet on that same device. The cmdlet will generate an XML file representing the layout you configured. Once the XML file is generated and moved to the desired file path, type the fully qualified path and name of the XML file. You can type a local path such as C:\StartLayouts\myLayout.xml or a UNC path such as \\Server\Share\Layout.xml. If the specified file is not available when the user logs on, the layout won’t be changed. Users cannot customize their Start screen while this setting is enabled. If you disable this setting or do not configure it, the Start screen layout won’t be changed and users will be able to customize it.

Configure pre-boot recovery message and URL

This policy setting lets you configure the entire recovery message or replace the existing URL that are displayed on the pre-boot key recovery screen when the OS drive is locked. If you select the “Use default recovery message and URL” option, the default BitLocker recovery message and URL will be displayed in the pre-boot key recovery screen. If you have previously configured a custom recovery message or URL and want to revert to the default message, you must keep the policy enabled and select the “Use default recovery message and URL” option. If you select the “Use custom recovery message” option, the message you type in the “Custom recovery message option” text box will be displayed in the pre-boot key recovery screen. If a recovery URL is available, include it in the message. If you select the “Use custom recovery URL” option, the URL you type in the “Custom recovery URL option” text box will replace the default URL in the default recovery message, which will be displayed in the pre-boot key recovery screen. Note: Not all characters and languages are supported in pre-boot. It is strongly recommended that you test that the characters you use for the custom message or URL appear correctly on the pre-boot recovery screen.

Defer Upgrade

If you enable this policy setting in Pro and Enterprise SKUs, you can defer upgrades until the next upgrade period (at least a few months). If you do not have it set, you will receive upgrades once they are available, and they will be installed as part of your update policies. Security updates will not be impacted by this policy. For more information on available upgrades, see windows.com/itpro.